cray: Add wireguard backbone

2022-12-15 14:29:31 +01:00 · 2022-12-15 14:29:31 +01:00 · e98704caa0
parent 2d3c341d83
commit e98704caa0
1 changed files with 41 additions and 1 deletions
--- a/machines/cray/configuration.nix
+++ b/machines/cray/configuration.nix
@ -1,4 +1,4 @@
-{ pkgs, ... }:
+{ pkgs, config, ... }:
 {
  imports = [
    # Include the results of the hardware scan.
@ -12,11 +12,51 @@

  time.hardwareClockInLocalTime = true; #Be compatible with Windows Dualboot

+  networking.useNetworkd = true;
  networking.useDHCP = false;
  networking.hostName = "cray"; # Define your hostname.
  networking.interfaces.enp4s0.useDHCP = true;
  networking.interfaces.enp4s0.wakeOnLan.enable = true;

+  #boot.extraModulePackages = [ config.boot.kernelPackages.wireguard ];
+  systemd.network = {
+    enable = true;
+    netdevs = {
+      "10-wg-backbone" = {
+        netdevConfig = {
+          Kind = "wireguard";
+          MTUBytes = "1300";
+          Name = "wg-backbone";
+        };
+        extraConfig = ''
+          [WireGuard]
+          PrivateKeyFile=/etc/secrets/wireguard
+          ListenPort=9918
+
+          [WireGuardPeer]
+          PublicKey=JjJrLv6ocRIgPGPz6TUexPj0eUSKPDEQFye4397nbwM=
+          AllowedIPs=192.168.8.0/24
+          Endpoint=marge.fleaz.me:50200
+        '';
+      };
+    };
+    networks = {
+      # See also man systemd.network
+      "40-wg0".extraConfig = ''
+        [Match]
+        Name=wg-backbone
+
+        [Network]
+        DHCP=no
+        IPv6AcceptRA=false
+
+        # IP addresses the client interface will have
+        [Address]
+        Address=192.168.8.13/24
+      '';
+    };
+  };
+
  # Enable CUPS
  services.printing.enable = true;
  services.printing.drivers = with pkgs; [ splix ];